Bryan J. Smith wrote: > Adam Gibson <agibson at ptm.com> wrote: > >>M0n0wall is a freebsd based system but it does support a >>public IP DMZ/Service interface. You have to enable >>advanced NATing. > > > Layer-3/4 Source and Destination NAT/PAT (network/port > address translation) is _not_ the same as layer-2 bridging or > layer-3 routing between networks and inspecting the packets > then. I think he's looking for layer-2 bridging or layer-3 > routing, not SNAT/DNAT. M0n0wall can be configured as a bridging firewall. It only appears to be another IP on the LAN when in this mode and does not do NAT. >IPCop does SNAT/DNAT, and can translate multiple public IPs >into private ones -- LAN, 2nd LAN (e.g., WLAN), DMZ, etc... >as well. Yes, but you need to seriously hack it.....IPCop doesn't support multiple subnets on the same interface (LAN or WAN) very well at all. Pre-built m0n0wall boxes are pretty cheap these days: http://www.netgate.com/product_info.php?products_id=209